> While observing some packet dump, I noticed that while sending > the same application data over twice, different packet dumps > were obtained in both cases.
Good. > This was done in the same SSL session, so the connection keys > being used are all the same. Is this expected behavior or am I > reading the packet dumps wrong? This is expected behavior. Imagine if the first message was "attack at dawn" and the second message was "attack at noon". Would you be happy if a man-in-the-middle could change the second message to "attack at dawn" (by replacing the end of the second exchange with a copy of the end of the first)? I know I wouldn't be. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]